X @Wu Blockchain

Ledger CTO Charles Guillemet has warned of a large-scale supply chain attack after a reputable developer’s NPM account was compromised, affecting JavaScript packages with over 1 billion downloads. The attacker injected malicious code that silently replaces crypto addresses to steal funds. NPM has disabled the compromised versions, but some frontend risks may persist. https://t.co/wmzBzak17d ...